ReactOS  0.4.14-dev-50-g13bb5e2
eventlog.c
Go to the documentation of this file.
1 /*
2  * Win32 advapi functions
3  *
4  * Copyright 1995 Sven Verdoolaege
5  * Copyright 1998 Juergen Schmied
6  * Copyright 2003 Mike Hearn
7  * Copyright 2007 HervĂ© Poussineau
8  *
9  * This library is free software; you can redistribute it and/or
10  * modify it under the terms of the GNU Lesser General Public
11  * License as published by the Free Software Foundation; either
12  * version 2.1 of the License, or (at your option) any later version.
13  *
14  * This library is distributed in the hope that it will be useful,
15  * but WITHOUT ANY WARRANTY; without even the implied warranty of
16  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17  * Lesser General Public License for more details.
18  *
19  * You should have received a copy of the GNU Lesser General Public
20  * License along with this library; if not, write to the Free Software
21  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
22  */
23 
24 /* INCLUDES ******************************************************************/
25 
26 #include <advapi32.h>
27 
28 #include <ndk/kefuncs.h>
29 #include <eventlogrpc_c.h>
30 
32 
33 static RPC_UNICODE_STRING EmptyStringU = { 0, 0, L"" };
34 static RPC_STRING EmptyStringA = { 0, 0, "" };
35 
36 
37 /* FUNCTIONS *****************************************************************/
38 
41 {
43  RPC_CSTR pszStringBinding;
45 
46  TRACE("EVENTLOG_HANDLE_A_bind() called\n");
47 
49  (RPC_CSTR)"ncacn_np",
50  (RPC_CSTR)UNCServerName,
51  (RPC_CSTR)"\\pipe\\EventLog",
52  NULL,
53  &pszStringBinding);
54  if (status)
55  {
56  ERR("RpcStringBindingCompose returned 0x%x\n", status);
57  return NULL;
58  }
59 
60  /* Set the binding handle that will be used to bind to the server. */
61  status = RpcBindingFromStringBindingA(pszStringBinding,
62  &hBinding);
63  if (status != RPC_S_OK)
64  {
65  ERR("RpcBindingFromStringBinding returned 0x%x\n", status);
66  }
67 
68  status = RpcStringFreeA(&pszStringBinding);
69  if (status != RPC_S_OK)
70  {
71  ERR("RpcStringFree returned 0x%x\n", status);
72  }
73 
74  return hBinding;
75 }
76 
77 
78 void __RPC_USER
81 {
83 
84  TRACE("EVENTLOG_HANDLE_A_unbind() called\n");
85 
87  if (status != RPC_S_OK)
88  {
89  ERR("RpcBindingFree returned 0x%x\n", status);
90  }
91 }
92 
93 
96 {
98  RPC_WSTR pszStringBinding;
100 
101  TRACE("EVENTLOG_HANDLE_W_bind() called\n");
102 
104  L"ncacn_np",
105  UNCServerName,
106  L"\\pipe\\EventLog",
107  NULL,
108  &pszStringBinding);
109  if (status != RPC_S_OK)
110  {
111  ERR("RpcStringBindingCompose returned 0x%x\n", status);
112  return NULL;
113  }
114 
115  /* Set the binding handle that will be used to bind to the server. */
116  status = RpcBindingFromStringBindingW(pszStringBinding,
117  &hBinding);
118  if (status != RPC_S_OK)
119  {
120  ERR("RpcBindingFromStringBinding returned 0x%x\n", status);
121  }
122 
123  status = RpcStringFreeW(&pszStringBinding);
124  if (status != RPC_S_OK)
125  {
126  ERR("RpcStringFree returned 0x%x\n", status);
127  }
128 
129  return hBinding;
130 }
131 
132 
133 void __RPC_USER
136 {
138 
139  TRACE("EVENTLOG_HANDLE_W_unbind() called\n");
140 
142  if (status != RPC_S_OK)
143  {
144  ERR("RpcBindingFree returned 0x%x\n", status);
145  }
146 }
147 
148 
149 /******************************************************************************
150  * BackupEventLogA [ADVAPI32.@]
151  */
152 NTSTATUS
153 NTAPI
155  IN PANSI_STRING BackupFileNameA)
156 {
158 
159  if (!BackupFileNameA || (BackupFileNameA->Length == 0))
161 
163  {
164  Status = ElfrBackupELFA(hEventLog,
165  (PRPC_STRING)BackupFileNameA);
166  }
168  {
170  }
171  RpcEndExcept;
172 
173  return Status;
174 }
175 
176 BOOL WINAPI
178  IN LPCSTR lpBackupFileName)
179 {
180  BOOL Success;
182  ANSI_STRING BackupFileNameA;
183  UNICODE_STRING BackupFileNameW;
184 
185  TRACE("%p, %s\n", hEventLog, lpBackupFileName);
186 
187  if (lpBackupFileName == NULL)
188  {
190  return FALSE;
191  }
192 
193  RtlInitAnsiString(&BackupFileNameA, lpBackupFileName);
194 
195  Status = RtlAnsiStringToUnicodeString(&BackupFileNameW,
196  &BackupFileNameA,
197  TRUE);
198  if (!NT_SUCCESS(Status))
199  {
201  return FALSE;
202  }
203 
204  Success = BackupEventLogW(hEventLog,
205  BackupFileNameW.Buffer);
206 
207  RtlFreeUnicodeString(&BackupFileNameW);
208 
209  return Success;
210 }
211 
212 
213 /******************************************************************************
214  * BackupEventLogW [ADVAPI32.@]
215  *
216  * PARAMS
217  * hEventLog []
218  * lpBackupFileName []
219  */
220 NTSTATUS
221 NTAPI
223  IN PUNICODE_STRING BackupFileNameU)
224 {
226 
227  if (!BackupFileNameU || (BackupFileNameU->Length == 0))
229 
231  {
232  Status = ElfrBackupELFW(hEventLog,
233  (PRPC_UNICODE_STRING)BackupFileNameU);
234  }
236  {
238  }
239  RpcEndExcept;
240 
241  return Status;
242 }
243 
244 BOOL WINAPI
246  IN LPCWSTR lpBackupFileName)
247 {
249  UNICODE_STRING BackupFileName;
250 
251  TRACE("%p, %s\n", hEventLog, debugstr_w(lpBackupFileName));
252 
253  if (lpBackupFileName == NULL)
254  {
256  return FALSE;
257  }
258 
259  if (!RtlDosPathNameToNtPathName_U(lpBackupFileName, &BackupFileName,
260  NULL, NULL))
261  {
263  return FALSE;
264  }
265 
266  Status = ElfBackupEventLogFileW(hEventLog, &BackupFileName);
267 
268  RtlFreeHeap(RtlGetProcessHeap(), 0, BackupFileName.Buffer);
269 
270  if (!NT_SUCCESS(Status))
271  {
273  return FALSE;
274  }
275 
276  return TRUE;
277 }
278 
279 
280 /******************************************************************************
281  * ClearEventLogA [ADVAPI32.@]
282  */
283 NTSTATUS
284 NTAPI
286  IN PANSI_STRING BackupFileNameA)
287 {
289 
291  {
292  Status = ElfrClearELFA(hEventLog,
293  (PRPC_STRING)BackupFileNameA);
294  }
296  {
298  }
299  RpcEndExcept;
300 
301  return Status;
302 }
303 
304 BOOL WINAPI
306  IN LPCSTR lpBackupFileName)
307 {
308  BOOL Success;
310  ANSI_STRING BackupFileNameA;
311  UNICODE_STRING BackupFileNameW;
312 
313  TRACE("%p, %s\n", hEventLog, lpBackupFileName);
314 
315  if (lpBackupFileName == NULL)
316  {
317  RtlInitUnicodeString(&BackupFileNameW, NULL);
318  }
319  else
320  {
321  RtlInitAnsiString(&BackupFileNameA, lpBackupFileName);
322 
323  Status = RtlAnsiStringToUnicodeString(&BackupFileNameW,
324  &BackupFileNameA,
325  TRUE);
326  if (!NT_SUCCESS(Status))
327  {
329  return FALSE;
330  }
331  }
332 
333  Success = ClearEventLogW(hEventLog,
334  BackupFileNameW.Buffer);
335 
336  RtlFreeUnicodeString(&BackupFileNameW);
337 
338  return Success;
339 }
340 
341 
342 /******************************************************************************
343  * ClearEventLogW [ADVAPI32.@]
344  */
345 NTSTATUS
346 NTAPI
348  IN PUNICODE_STRING BackupFileNameU)
349 {
351 
353  {
354  Status = ElfrClearELFW(hEventLog,
355  (PRPC_UNICODE_STRING)BackupFileNameU);
356  }
358  {
360  }
361  RpcEndExcept;
362 
363  return Status;
364 }
365 
366 BOOL WINAPI
368  IN LPCWSTR lpBackupFileName)
369 {
371  UNICODE_STRING BackupFileName;
372 
373  TRACE("%p, %s\n", hEventLog, debugstr_w(lpBackupFileName));
374 
375  if (lpBackupFileName == NULL)
376  {
377  RtlInitUnicodeString(&BackupFileName, NULL);
378  }
379  else
380  {
381  if (!RtlDosPathNameToNtPathName_U(lpBackupFileName, &BackupFileName,
382  NULL, NULL))
383  {
385  return FALSE;
386  }
387  }
388 
389  Status = ElfClearEventLogFileW(hEventLog, &BackupFileName);
390 
391  if (lpBackupFileName != NULL)
392  RtlFreeHeap(RtlGetProcessHeap(), 0, BackupFileName.Buffer);
393 
394  if (!NT_SUCCESS(Status))
395  {
397  return FALSE;
398  }
399 
400  return TRUE;
401 }
402 
403 
404 /******************************************************************************
405  * CloseEventLog [ADVAPI32.@]
406  */
407 NTSTATUS
408 NTAPI
410 {
412 
414  {
415  Status = ElfrCloseEL(&hEventLog);
416  }
418  {
420  }
421  RpcEndExcept;
422 
423  return Status;
424 }
425 
426 BOOL WINAPI
428 {
430 
431  TRACE("%p\n", hEventLog);
432 
433  Status = ElfCloseEventLog(hEventLog);
434  if (!NT_SUCCESS(Status))
435  {
437  return FALSE;
438  }
439 
440  return TRUE;
441 }
442 
443 
444 /******************************************************************************
445  * DeregisterEventSource [ADVAPI32.@]
446  * Closes a handle to the specified event log
447  *
448  * PARAMS
449  * hEventLog [I] Handle to event log
450  *
451  * RETURNS STD
452  */
453 NTSTATUS
454 NTAPI
456 {
458 
460  {
461  Status = ElfrDeregisterEventSource(&hEventLog);
462  }
464  {
466  }
467  RpcEndExcept;
468 
469  return Status;
470 }
471 
472 BOOL WINAPI
474 {
476 
477  TRACE("%p\n", hEventLog);
478 
479  Status = ElfDeregisterEventSource(hEventLog);
480  if (!NT_SUCCESS(Status))
481  {
483  return FALSE;
484  }
485 
486  return TRUE;
487 }
488 
489 
490 /******************************************************************************
491  * GetEventLogInformation [ADVAPI32.@]
492  *
493  * PARAMS
494  * hEventLog [I] Handle to event log
495  * dwInfoLevel [I] Level of event log information to return
496  * lpBuffer [O] Buffer that receives the event log information
497  * cbBufSize [I] Size of the lpBuffer buffer
498  * pcbBytesNeeded [O] Required buffer size
499  */
500 BOOL WINAPI
506 {
508 
510  {
512  return FALSE;
513  }
514 
516  {
517  Status = ElfrGetLogInformation(hEventLog,
518  dwInfoLevel,
519  (LPBYTE)lpBuffer,
520  cbBufSize,
522  }
524  {
526  }
527  RpcEndExcept;
528 
529  if (!NT_SUCCESS(Status))
530  {
532  return FALSE;
533  }
534 
535  return TRUE;
536 }
537 
538 
539 /******************************************************************************
540  * GetNumberOfEventLogRecords [ADVAPI32.@]
541  *
542  * PARAMS
543  * hEventLog []
544  * NumberOfRecords []
545  */
546 NTSTATUS
547 NTAPI
549  OUT PULONG NumberOfRecords)
550 {
552 
553  if (!NumberOfRecords)
555 
557  {
558  Status = ElfrNumberOfRecords(hEventLog, NumberOfRecords);
559  }
561  {
563  }
564  RpcEndExcept;
565 
566  return Status;
567 }
568 
569 BOOL WINAPI
571  OUT PDWORD NumberOfRecords)
572 {
574 
575  TRACE("%p, %p\n", hEventLog, NumberOfRecords);
576 
577  Status = ElfNumberOfRecords(hEventLog, NumberOfRecords);
578  if (!NT_SUCCESS(Status))
579  {
581  return FALSE;
582  }
583 
584  return TRUE;
585 }
586 
587 
588 /******************************************************************************
589  * GetOldestEventLogRecord [ADVAPI32.@]
590  *
591  * PARAMS
592  * hEventLog []
593  * OldestRecord []
594  */
595 NTSTATUS
596 NTAPI
598  OUT PULONG OldestRecordNumber)
599 {
601 
602  if (!OldestRecordNumber)
604 
606  {
607  Status = ElfrOldestRecord(hEventLog, OldestRecordNumber);
608  }
610  {
612  }
613  RpcEndExcept;
614 
615  return Status;
616 }
617 
618 BOOL WINAPI
620  OUT PDWORD OldestRecord)
621 {
623 
624  TRACE("%p, %p\n", hEventLog, OldestRecord);
625 
626  Status = ElfOldestRecord(hEventLog, OldestRecord);
627  if (!NT_SUCCESS(Status))
628  {
630  return FALSE;
631  }
632 
633  return TRUE;
634 }
635 
636 
637 /******************************************************************************
638  * NotifyChangeEventLog [ADVAPI32.@]
639  *
640  * PARAMS
641  * hEventLog []
642  * hEvent []
643  */
644 NTSTATUS
645 NTAPI
647  IN HANDLE hEvent)
648 {
650  CLIENT_ID ClientId = NtCurrentTeb()->ClientId;
651  RPC_CLIENT_ID RpcClientId;
652 
655 
657  {
658  Status = ElfrChangeNotify(hEventLog, RpcClientId, HandleToUlong(hEvent));
659  }
661  {
663  }
664  RpcEndExcept;
665 
666  return Status;
667 }
668 
669 BOOL WINAPI
671  IN HANDLE hEvent)
672 {
674 
675  TRACE("%p, %p\n", hEventLog, hEvent);
676 
677  Status = ElfChangeNotify(hEventLog, hEvent);
678  if (!NT_SUCCESS(Status))
679  {
681  return FALSE;
682  }
683 
684  return TRUE;
685 }
686 
687 
688 /******************************************************************************
689  * OpenBackupEventLogA [ADVAPI32.@]
690  */
691 NTSTATUS
692 NTAPI
694  IN PANSI_STRING BackupFileNameA,
695  OUT PHANDLE phEventLog)
696 {
698  PSTR pUNCServerName = NULL;
699 
700  if (!phEventLog || !BackupFileNameA || (BackupFileNameA->Length == 0))
702 
703  if (UNCServerNameA && (UNCServerNameA->Length != 0))
704  pUNCServerName = UNCServerNameA->Buffer;
705 
706  *phEventLog = NULL;
707 
709  {
710  Status = ElfrOpenBELA(pUNCServerName,
711  (PRPC_STRING)BackupFileNameA,
712  1, 1,
713  (IELF_HANDLE*)phEventLog);
714  }
716  {
718  }
719  RpcEndExcept;
720 
721  return Status;
722 }
723 
725 OpenBackupEventLogA(IN LPCSTR lpUNCServerName,
727 {
730  ANSI_STRING UNCServerNameA;
731  UNICODE_STRING UNCServerNameW;
733  UNICODE_STRING FileNameW;
734 
735  TRACE("%s, %s\n", lpUNCServerName, lpFileName);
736 
737  /* Convert the server name to unicode */
738  if (lpUNCServerName == NULL)
739  {
740  RtlInitUnicodeString(&UNCServerNameW, NULL);
741  }
742  else
743  {
744  RtlInitAnsiString(&UNCServerNameA, lpUNCServerName);
745 
746  Status = RtlAnsiStringToUnicodeString(&UNCServerNameW,
747  &UNCServerNameA,
748  TRUE);
749  if (!NT_SUCCESS(Status))
750  {
752  return NULL;
753  }
754  }
755 
756  /* Convert the file name to unicode */
757  if (lpFileName == NULL)
758  {
759  RtlInitUnicodeString(&FileNameW, NULL);
760  }
761  else
762  {
764 
766  &FileNameA,
767  TRUE);
768  if (!NT_SUCCESS(Status))
769  {
770  RtlFreeUnicodeString(&UNCServerNameW);
772  return NULL;
773  }
774  }
775 
776  /* Call the unicode function */
777  LogHandle = OpenBackupEventLogW(UNCServerNameW.Buffer,
778  FileNameW.Buffer);
779 
780  /* Free the unicode strings */
781  RtlFreeUnicodeString(&UNCServerNameW);
782  RtlFreeUnicodeString(&FileNameW);
783 
784  return LogHandle;
785 }
786 
787 
788 /******************************************************************************
789  * OpenBackupEventLogW [ADVAPI32.@]
790  *
791  * PARAMS
792  * lpUNCServerName []
793  * lpFileName []
794  */
795 NTSTATUS
796 NTAPI
798  IN PUNICODE_STRING BackupFileNameU,
799  OUT PHANDLE phEventLog)
800 {
802  PWSTR pUNCServerName = NULL;
803 
804  if (!phEventLog || !BackupFileNameU || (BackupFileNameU->Length == 0))
806 
807  if (UNCServerNameU && (UNCServerNameU->Length != 0))
808  pUNCServerName = UNCServerNameU->Buffer;
809 
810  *phEventLog = NULL;
811 
813  {
814  Status = ElfrOpenBELW(pUNCServerName,
815  (PRPC_UNICODE_STRING)BackupFileNameU,
816  1,
817  1,
818  (IELF_HANDLE*)phEventLog);
819  }
821  {
823  }
824  RpcEndExcept;
825 
826  return Status;
827 }
828 
832 {
834  HANDLE hEventLog;
835  UNICODE_STRING UNCServerName, FileName;
836 
837  TRACE("%s, %s\n", debugstr_w(lpUNCServerName), debugstr_w(lpFileName));
838 
839  if (lpFileName == NULL)
840  {
842  return NULL;
843  }
844 
846  NULL, NULL))
847  {
849  return NULL;
850  }
851 
852  RtlInitUnicodeString(&UNCServerName, lpUNCServerName);
853 
854  Status = ElfOpenBackupEventLogW(&UNCServerName, &FileName, &hEventLog);
855 
856  if (FileName.Buffer != NULL)
857  RtlFreeHeap(RtlGetProcessHeap(), 0, FileName.Buffer);
858 
859  if (!NT_SUCCESS(Status))
860  {
862  return NULL;
863  }
864 
865  return hEventLog;
866 }
867 
868 
869 /******************************************************************************
870  * OpenEventLogA [ADVAPI32.@]
871  *
872  * Opens a handle to the specified event log.
873  *
874  * PARAMS
875  * lpUNCServerName [I] UNC name of the server on which the event log is
876  * opened.
877  * lpSourceName [I] Name of the log.
878  *
879  * RETURNS
880  * Success: Handle to an event log.
881  * Failure: NULL
882  */
883 NTSTATUS
884 NTAPI
886  IN PANSI_STRING SourceNameA,
887  OUT PHANDLE phEventLog)
888 {
890  PSTR pUNCServerName = NULL;
891 
892  if (!phEventLog || !SourceNameA || (SourceNameA->Length == 0))
894 
895  if (UNCServerNameA && (UNCServerNameA->Length != 0))
896  pUNCServerName = UNCServerNameA->Buffer;
897 
898  *phEventLog = NULL;
899 
901  {
902  Status = ElfrOpenELA(pUNCServerName,
903  (PRPC_STRING)SourceNameA,
904  &EmptyStringA,
905  1,
906  1,
907  (IELF_HANDLE*)phEventLog);
908  }
910  {
912  }
913  RpcEndExcept;
914 
915  return Status;
916 }
917 
919 OpenEventLogA(IN LPCSTR lpUNCServerName,
920  IN LPCSTR lpSourceName)
921 {
923  HANDLE hEventLog;
924  ANSI_STRING UNCServerName, SourceName;
925 
926  TRACE("%s, %s\n", lpUNCServerName, lpSourceName);
927 
928  RtlInitAnsiString(&UNCServerName, lpUNCServerName);
929  RtlInitAnsiString(&SourceName, lpSourceName);
930 
931  Status = ElfOpenEventLogA(&UNCServerName, &SourceName, &hEventLog);
932  if (!NT_SUCCESS(Status))
933  {
935  return NULL;
936  }
937 
938  return hEventLog;
939 }
940 
941 
942 /******************************************************************************
943  * OpenEventLogW [ADVAPI32.@]
944  *
945  * PARAMS
946  * lpUNCServerName []
947  * lpSourceName []
948  */
949 NTSTATUS
950 NTAPI
952  IN PUNICODE_STRING SourceNameU,
953  OUT PHANDLE phEventLog)
954 {
956  PWSTR pUNCServerName = NULL;
957 
958  if (!phEventLog || !SourceNameU || (SourceNameU->Length == 0))
960 
961  if (UNCServerNameU && (UNCServerNameU->Length != 0))
962  pUNCServerName = UNCServerNameU->Buffer;
963 
964  *phEventLog = NULL;
965 
967  {
968  Status = ElfrOpenELW(pUNCServerName,
969  (PRPC_UNICODE_STRING)SourceNameU,
970  &EmptyStringU,
971  1,
972  1,
973  (IELF_HANDLE*)phEventLog);
974  }
976  {
978  }
979  RpcEndExcept;
980 
981  return Status;
982 }
983 
985 OpenEventLogW(IN LPCWSTR lpUNCServerName,
986  IN LPCWSTR lpSourceName)
987 {
989  HANDLE hEventLog;
990  UNICODE_STRING UNCServerName, SourceName;
991 
992  TRACE("%s, %s\n", debugstr_w(lpUNCServerName), debugstr_w(lpSourceName));
993 
994  RtlInitUnicodeString(&UNCServerName, lpUNCServerName);
995  RtlInitUnicodeString(&SourceName, lpSourceName);
996 
997  Status = ElfOpenEventLogW(&UNCServerName, &SourceName, &hEventLog);
998  if (!NT_SUCCESS(Status))
999  {
1001  return NULL;
1002  }
1003 
1004  return hEventLog;
1005 }
1006 
1007 
1008 /******************************************************************************
1009  * ReadEventLogA [ADVAPI32.@]
1010  */
1011 NTSTATUS
1012 NTAPI
1014  IN ULONG ReadFlags,
1015  IN ULONG RecordOffset,
1016  OUT LPVOID Buffer,
1017  IN ULONG NumberOfBytesToRead,
1018  OUT PULONG NumberOfBytesRead,
1019  OUT PULONG MinNumberOfBytesNeeded)
1020 {
1021  NTSTATUS Status;
1022  ULONG Flags;
1023 
1024  if (!Buffer || !NumberOfBytesRead || !MinNumberOfBytesNeeded)
1025  {
1026  return STATUS_INVALID_PARAMETER;
1027  }
1028 
1031  {
1032  return STATUS_INVALID_PARAMETER;
1033  }
1034 
1037  {
1038  return STATUS_INVALID_PARAMETER;
1039  }
1040 
1041  RpcTryExcept
1042  {
1043  Status = ElfrReadELA(hEventLog,
1044  ReadFlags,
1045  RecordOffset,
1046  NumberOfBytesToRead,
1047  Buffer,
1048  NumberOfBytesRead,
1049  MinNumberOfBytesNeeded);
1050  }
1052  {
1054  }
1055  RpcEndExcept;
1056 
1057  return Status;
1058 }
1059 
1060 BOOL WINAPI
1062  IN DWORD dwReadFlags,
1063  IN DWORD dwRecordOffset,
1065  IN DWORD nNumberOfBytesToRead,
1066  OUT DWORD *pnBytesRead,
1067  OUT DWORD *pnMinNumberOfBytesNeeded)
1068 {
1069  NTSTATUS Status;
1070 
1071  TRACE("%p, %lu, %lu, %p, %lu, %p, %p\n",
1072  hEventLog, dwReadFlags, dwRecordOffset, lpBuffer,
1073  nNumberOfBytesToRead, pnBytesRead, pnMinNumberOfBytesNeeded);
1074 
1075  Status = ElfReadEventLogA(hEventLog,
1076  dwReadFlags,
1077  dwRecordOffset,
1078  lpBuffer,
1079  nNumberOfBytesToRead,
1080  pnBytesRead,
1081  pnMinNumberOfBytesNeeded);
1082  if (!NT_SUCCESS(Status))
1083  {
1085  return FALSE;
1086  }
1087 
1088  return TRUE;
1089 }
1090 
1091 
1092 /******************************************************************************
1093  * ReadEventLogW [ADVAPI32.@]
1094  *
1095  * PARAMS
1096  * hEventLog []
1097  * dwReadFlags []
1098  * dwRecordOffset []
1099  * lpBuffer []
1100  * nNumberOfBytesToRead []
1101  * pnBytesRead []
1102  * pnMinNumberOfBytesNeeded []
1103  */
1104 NTSTATUS
1105 NTAPI
1107  IN ULONG ReadFlags,
1108  IN ULONG RecordOffset,
1109  OUT LPVOID Buffer,
1110  IN ULONG NumberOfBytesToRead,
1111  OUT PULONG NumberOfBytesRead,
1112  OUT PULONG MinNumberOfBytesNeeded)
1113 {
1114  NTSTATUS Status;
1115  ULONG Flags;
1116 
1117  if (!Buffer || !NumberOfBytesRead || !MinNumberOfBytesNeeded)
1118  {
1119  return STATUS_INVALID_PARAMETER;
1120  }
1121 
1124  {
1125  return STATUS_INVALID_PARAMETER;
1126  }
1127 
1130  {
1131  return STATUS_INVALID_PARAMETER;
1132  }
1133 
1134  RpcTryExcept
1135  {
1136  Status = ElfrReadELW(hEventLog,
1137  ReadFlags,
1138  RecordOffset,
1139  NumberOfBytesToRead,
1140  Buffer,
1141  NumberOfBytesRead,
1142  MinNumberOfBytesNeeded);
1143  }
1145  {
1147  }
1148  RpcEndExcept;
1149 
1150  return Status;
1151 }
1152 
1153 BOOL WINAPI
1155  IN DWORD dwReadFlags,
1156  IN DWORD dwRecordOffset,
1158  IN DWORD nNumberOfBytesToRead,
1159  OUT DWORD *pnBytesRead,
1160  OUT DWORD *pnMinNumberOfBytesNeeded)
1161 {
1162  NTSTATUS Status;
1163 
1164  TRACE("%p, %lu, %lu, %p, %lu, %p, %p\n",
1165  hEventLog, dwReadFlags, dwRecordOffset, lpBuffer,
1166  nNumberOfBytesToRead, pnBytesRead, pnMinNumberOfBytesNeeded);
1167 
1168  Status = ElfReadEventLogW(hEventLog,
1169  dwReadFlags,
1170  dwRecordOffset,
1171  lpBuffer,
1172  nNumberOfBytesToRead,
1173  pnBytesRead,
1174  pnMinNumberOfBytesNeeded);
1175  if (!NT_SUCCESS(Status))
1176  {
1178  return FALSE;
1179  }
1180 
1181  return TRUE;
1182 }
1183 
1184 
1185 /******************************************************************************
1186  * RegisterEventSourceA [ADVAPI32.@]
1187  */
1188 NTSTATUS
1189 NTAPI
1191  IN PANSI_STRING SourceNameA,
1192  OUT PHANDLE phEventLog)
1193 {
1194  NTSTATUS Status;
1195  PSTR pUNCServerName = NULL;
1196 
1197  if (!phEventLog || !SourceNameA || (SourceNameA->Length == 0))
1198  return STATUS_INVALID_PARAMETER;
1199 
1200  if (UNCServerNameA && (UNCServerNameA->Length != 0))
1201  pUNCServerName = UNCServerNameA->Buffer;
1202 
1203  *phEventLog = NULL;
1204 
1205  RpcTryExcept
1206  {
1207  Status = ElfrRegisterEventSourceA(pUNCServerName,
1208  (PRPC_STRING)SourceNameA,
1209  &EmptyStringA,
1210  1,
1211  1,
1212  (IELF_HANDLE*)phEventLog);
1213  }
1215  {
1217  }
1218  RpcEndExcept;
1219 
1220  return Status;
1221 }
1222 
1223 HANDLE WINAPI
1225  IN LPCSTR lpSourceName)
1226 {
1227  NTSTATUS Status;
1228  HANDLE hEventLog;
1229  ANSI_STRING UNCServerName, SourceName;
1230 
1231  TRACE("%s, %s\n", lpUNCServerName, lpSourceName);
1232 
1233  RtlInitAnsiString(&UNCServerName, lpUNCServerName);
1234  RtlInitAnsiString(&SourceName, lpSourceName);
1235 
1236  Status = ElfRegisterEventSourceA(&UNCServerName, &SourceName, &hEventLog);
1237  if (!NT_SUCCESS(Status))
1238  {
1240  return NULL;
1241  }
1242 
1243  return hEventLog;
1244 }
1245 
1246 
1247 /******************************************************************************
1248  * RegisterEventSourceW [ADVAPI32.@]
1249  * Returns a registered handle to an event log
1250  *
1251  * PARAMS
1252  * lpUNCServerName [I] Server name for source
1253  * lpSourceName [I] Source name for registered handle
1254  *
1255  * RETURNS
1256  * Success: Handle
1257  * Failure: NULL
1258  */
1259 NTSTATUS
1260 NTAPI
1262  IN PUNICODE_STRING SourceNameU,
1263  OUT PHANDLE phEventLog)
1264 {
1265  NTSTATUS Status;
1266  PWSTR pUNCServerName = NULL;
1267 
1268  if (!phEventLog || !SourceNameU || (SourceNameU->Length == 0))
1269  return STATUS_INVALID_PARAMETER;
1270 
1271  if (UNCServerNameU && (UNCServerNameU->Length != 0))
1272  pUNCServerName = UNCServerNameU->Buffer;
1273 
1274  *phEventLog = NULL;
1275 
1276  RpcTryExcept
1277  {
1278  Status = ElfrRegisterEventSourceW(pUNCServerName,
1279  (PRPC_UNICODE_STRING)SourceNameU,
1280  &EmptyStringU,
1281  1,
1282  1,
1283  (IELF_HANDLE*)phEventLog);
1284  }
1286  {
1288  }
1289  RpcEndExcept;
1290 
1291  return Status;
1292 }
1293 
1294 HANDLE WINAPI
1296  IN LPCWSTR lpSourceName)
1297 {
1298  NTSTATUS Status;
1299  HANDLE hEventLog;
1300  UNICODE_STRING UNCServerName, SourceName;
1301 
1302  TRACE("%s, %s\n", debugstr_w(lpUNCServerName), debugstr_w(lpSourceName));
1303 
1304  RtlInitUnicodeString(&UNCServerName, lpUNCServerName);
1305  RtlInitUnicodeString(&SourceName, lpSourceName);
1306 
1307  Status = ElfRegisterEventSourceW(&UNCServerName, &SourceName, &hEventLog);
1308  if (!NT_SUCCESS(Status))
1309  {
1311  return NULL;
1312  }
1313 
1314  return hEventLog;
1315 }
1316 
1317 
1318 /******************************************************************************
1319  * ReportEventA [ADVAPI32.@]
1320  */
1321 NTSTATUS
1322 NTAPI
1325  IN USHORT EventCategory,
1326  IN ULONG EventID,
1327  IN PSID UserSID,
1329  IN ULONG DataSize,
1331  IN PVOID Data,
1332  IN USHORT Flags,
1333  IN OUT PULONG RecordNumber,
1334  IN OUT PULONG TimeWritten)
1335 {
1336  NTSTATUS Status;
1337  LARGE_INTEGER SystemTime;
1338  ULONG Time;
1339  ULONG dwSize;
1340  ANSI_STRING ComputerName;
1341  CHAR szComputerName[MAX_COMPUTERNAME_LENGTH + 1];
1342 
1343  dwSize = ARRAYSIZE(szComputerName);
1344  GetComputerNameA(szComputerName, &dwSize);
1345  RtlInitAnsiString(&ComputerName, szComputerName);
1346 
1347  NtQuerySystemTime(&SystemTime);
1348  RtlTimeToSecondsSince1970(&SystemTime, &Time);
1349 
1350  RpcTryExcept
1351  {
1352  Status = ElfrReportEventA(hEventLog,
1353  Time,
1354  EventType,
1355  EventCategory,
1356  EventID,
1357  NumStrings,
1358  DataSize,
1359  (PRPC_STRING)&ComputerName,
1360  (PRPC_SID)UserSID,
1361  (PRPC_STRING*)Strings,
1362  Data,
1363  Flags,
1364  RecordNumber,
1365  TimeWritten);
1366  }
1368  {
1370  }
1371  RpcEndExcept;
1372 
1373  return Status;
1374 }
1375 
1376 BOOL WINAPI
1378  IN WORD wType,
1379  IN WORD wCategory,
1380  IN DWORD dwEventID,
1381  IN PSID lpUserSid,
1382  IN WORD wNumStrings,
1383  IN DWORD dwDataSize,
1384  IN LPCSTR *lpStrings,
1385  IN LPVOID lpRawData)
1386 {
1387  NTSTATUS Status;
1389  WORD i;
1390 
1391  TRACE("%p, %u, %u, %lu, %p, %u, %lu, %p, %p\n",
1392  hEventLog, wType, wCategory, dwEventID, lpUserSid,
1393  wNumStrings, dwDataSize, lpStrings, lpRawData);
1394 
1397  wNumStrings * sizeof(PANSI_STRING));
1398  if (!Strings)
1399  {
1401  return FALSE;
1402  }
1403 
1404  for (i = 0; i < wNumStrings; i++)
1405  {
1408  sizeof(ANSI_STRING));
1409  if (Strings[i])
1410  {
1411  RtlInitAnsiString(Strings[i], lpStrings[i]);
1412  }
1413  }
1414 
1415  Status = ElfReportEventA(hEventLog,
1416  wType,
1417  wCategory,
1418  dwEventID,
1419  lpUserSid,
1420  wNumStrings,
1421  dwDataSize,
1422  Strings,
1423  lpRawData,
1424  0,
1425  NULL,
1426  NULL);
1427 
1428  for (i = 0; i < wNumStrings; i++)
1429  {
1430  if (Strings[i] != NULL)
1431  HeapFree(GetProcessHeap(), 0, Strings[i]);
1432  }
1433 
1435 
1436  if (!NT_SUCCESS(Status))
1437  {
1439  return FALSE;
1440  }
1441 
1442  return TRUE;
1443 }
1444 
1445 
1446 /******************************************************************************
1447  * ReportEventW [ADVAPI32.@]
1448  *
1449  * PARAMS
1450  * hEventLog []
1451  * wType []
1452  * wCategory []
1453  * dwEventID []
1454  * lpUserSid []
1455  * wNumStrings []
1456  * dwDataSize []
1457  * lpStrings []
1458  * lpRawData []
1459  */
1460 NTSTATUS
1461 NTAPI
1464  IN USHORT EventCategory,
1465  IN ULONG EventID,
1466  IN PSID UserSID,
1468  IN ULONG DataSize,
1470  IN PVOID Data,
1471  IN USHORT Flags,
1472  IN OUT PULONG RecordNumber,
1473  IN OUT PULONG TimeWritten)
1474 {
1475  NTSTATUS Status;
1476  LARGE_INTEGER SystemTime;
1477  ULONG Time;
1478  ULONG dwSize;
1479  UNICODE_STRING ComputerName;
1480  WCHAR szComputerName[MAX_COMPUTERNAME_LENGTH + 1];
1481 
1482  dwSize = ARRAYSIZE(szComputerName);
1483  GetComputerNameW(szComputerName, &dwSize);
1484  RtlInitUnicodeString(&ComputerName, szComputerName);
1485 
1486  NtQuerySystemTime(&SystemTime);
1487  RtlTimeToSecondsSince1970(&SystemTime, &Time);
1488 
1489  RpcTryExcept
1490  {
1491  Status = ElfrReportEventW(hEventLog,
1492  Time,
1493  EventType,
1494  EventCategory,
1495  EventID,
1496  NumStrings,
1497  DataSize,
1498  (PRPC_UNICODE_STRING)&ComputerName,
1499  (PRPC_SID)UserSID,
1501  Data,
1502  Flags,
1503  RecordNumber,
1504  TimeWritten);
1505  }
1507  {
1509  }
1510  RpcEndExcept;
1511 
1512  return Status;
1513 }
1514 
1515 BOOL WINAPI
1517  IN WORD wType,
1518  IN WORD wCategory,
1519  IN DWORD dwEventID,
1520  IN PSID lpUserSid,
1521  IN WORD wNumStrings,
1522  IN DWORD dwDataSize,
1523  IN LPCWSTR *lpStrings,
1524  IN LPVOID lpRawData)
1525 {
1526  NTSTATUS Status;
1528  WORD i;
1529 
1530  TRACE("%p, %u, %u, %lu, %p, %u, %lu, %p, %p\n",
1531  hEventLog, wType, wCategory, dwEventID, lpUserSid,
1532  wNumStrings, dwDataSize, lpStrings, lpRawData);
1533 
1536  wNumStrings * sizeof(PUNICODE_STRING));
1537  if (!Strings)
1538  {
1540  return FALSE;
1541  }
1542 
1543  for (i = 0; i < wNumStrings; i++)
1544  {
1547  sizeof(UNICODE_STRING));
1548  if (Strings[i])
1549  {
1550  RtlInitUnicodeString(Strings[i], lpStrings[i]);
1551  }
1552  }
1553 
1554  Status = ElfReportEventW(hEventLog,
1555  wType,
1556  wCategory,
1557  dwEventID,
1558  lpUserSid,
1559  wNumStrings,
1560  dwDataSize,
1561  Strings,
1562  lpRawData,
1563  0,
1564  NULL,
1565  NULL);
1566 
1567  for (i = 0; i < wNumStrings; i++)
1568  {
1569  if (Strings[i] != NULL)
1570  HeapFree(GetProcessHeap(), 0, Strings[i]);
1571  }
1572 
1574 
1575  if (!NT_SUCCESS(Status))
1576  {
1578  return FALSE;
1579  }
1580 
1581  return TRUE;
1582 }
1583 
1584 NTSTATUS
1585 NTAPI
1587  IN ULONG Time,
1588  IN PUNICODE_STRING ComputerName,
1590  IN USHORT EventCategory,
1591  IN ULONG EventID,
1592  IN PSID UserSID,
1595  IN ULONG DataSize,
1597  IN PVOID Data,
1598  IN USHORT Flags,
1599  IN OUT PULONG RecordNumber,
1600  IN OUT PULONG TimeWritten)
1601 {
1602  NTSTATUS Status;
1603 
1604  RpcTryExcept
1605  {
1606  Status = ElfrReportEventAndSourceW(hEventLog,
1607  Time,
1608  EventType,
1609  EventCategory,
1610  EventID,
1612  NumStrings,
1613  DataSize,
1614  (PRPC_UNICODE_STRING)ComputerName,
1615  (PRPC_SID)UserSID,
1617  (PBYTE)Data,
1618  Flags,
1619  RecordNumber,
1620  TimeWritten);
1621  }
1623  {
1625  }
1626  RpcEndExcept;
1627 
1628  return Status;
1629 }
1630 
1631 NTSTATUS
1632 NTAPI
1634 {
1635  NTSTATUS Status;
1636 
1637  RpcTryExcept
1638  {
1639  Status = ElfrFlushEL(hEventLog);
1640  }
1642  {
1644  }
1645  RpcEndExcept;
1646 
1647  return Status;
1648 }
LPWSTR EVENTLOG_HANDLE_W
Definition: eventlogrpc.idl:24
NTSTATUS WINAPI ElfrGetLogInformation(IELF_HANDLE LogHandle, ULONG InfoLevel, PBYTE Buffer, ULONG cbBufSize, PULONG pcbBytesNeeded)
Definition: rpc.c:1144
BOOL WINAPI SHIM_OBJ_NAME() GetComputerNameA(LPSTR lpBuffer, LPDWORD lpnSize)
Definition: shimtest.c:21
#define ERROR_INVALID_PARAMETER
Definition: compat.h:91
RPC_STATUS WINAPI RpcBindingFromStringBindingW(RPC_WSTR StringBinding, RPC_BINDING_HANDLE *Binding)
Definition: rpc_binding.c:877
HANDLE WINAPI OpenEventLogW(IN LPCWSTR lpUNCServerName, IN LPCWSTR lpSourceName)
Definition: eventlog.c:985
NTSTATUS NTAPI ElfCloseEventLog(IN HANDLE hEventLog)
Definition: eventlog.c:409
#define IN
Definition: typedefs.h:38
#define RpcEndExcept
Definition: rpc.h:128
RPC_STATUS WINAPI RpcBindingFree(RPC_BINDING_HANDLE *Binding)
Definition: rpc_binding.c:784
_In_ DWORD _In_ DWORD _Out_ LPDWORD pcbBytesNeeded
Definition: winsvc.h:424
#define TRUE
Definition: types.h:120
NTSTATUS WINAPI ElfrBackupELFA(IELF_HANDLE LogHandle, PRPC_STRING BackupFileName)
Definition: rpc.c:787
NTSTATUS NTAPI ElfClearEventLogFileA(IN HANDLE hEventLog, IN PANSI_STRING BackupFileNameA)
Definition: eventlog.c:285
NTSTATUS WINAPI ElfrReadELW(IELF_HANDLE LogHandle, ULONG ReadFlags, ULONG RecordOffset, RULONG NumberOfBytesToRead, PBYTE Buffer, PULONG NumberOfBytesRead, PULONG MinNumberOfBytesNeeded)
Definition: rpc.c:530
NTSTATUS NTAPI ElfReportEventW(IN HANDLE hEventLog, IN USHORT EventType, IN USHORT EventCategory, IN ULONG EventID, IN PSID UserSID, IN USHORT NumStrings, IN ULONG DataSize, IN PUNICODE_STRING *Strings, IN PVOID Data, IN USHORT Flags, IN OUT PULONG RecordNumber, IN OUT PULONG TimeWritten)
Definition: eventlog.c:1462
const WCHAR * LPCWSTR
Definition: xmlstorage.h:185
handle_t hBinding
Definition: ctx_c.c:54
RPC_STATUS WINAPI RpcStringFreeW(RPC_WSTR *String)
Definition: rpcrt4_main.c:177
NTSTATUS NTAPI ElfReadEventLogW(IN HANDLE hEventLog, IN ULONG ReadFlags, IN ULONG RecordOffset, OUT LPVOID Buffer, IN ULONG NumberOfBytesToRead, OUT PULONG NumberOfBytesRead, OUT PULONG MinNumberOfBytesNeeded)
Definition: eventlog.c:1106
BOOLEAN NTAPI RtlTimeToSecondsSince1970(PLARGE_INTEGER Time, PULONG ElapsedSeconds)
NTSTATUS WINAPI ElfrClearELFA(IELF_HANDLE LogHandle, PRPC_STRING BackupFileName)
Definition: rpc.c:762
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
void __RPC_USER EVENTLOG_HANDLE_A_unbind(EVENTLOG_HANDLE_A UNCServerName, handle_t hBinding)
Definition: eventlog.c:79
uint16_t * PWSTR
Definition: typedefs.h:54
BOOL WINAPI BackupEventLogW(IN HANDLE hEventLog, IN LPCWSTR lpBackupFileName)
Definition: eventlog.c:245
RPC_STATUS WINAPI RpcStringBindingComposeA(RPC_CSTR ObjUuid, RPC_CSTR Protseq, RPC_CSTR NetworkAddr, RPC_CSTR Endpoint, RPC_CSTR Options, RPC_CSTR *StringBinding)
Definition: rpc_binding.c:458
char CHAR
Definition: xmlstorage.h:175
NTSTATUS WINAPI ElfrReportEventW(IELF_HANDLE LogHandle, ULONG Time, USHORT EventType, USHORT EventCategory, ULONG EventID, USHORT NumStrings, ULONG DataSize, PRPC_UNICODE_STRING ComputerName, PRPC_SID UserSID, PRPC_UNICODE_STRING Strings[], PBYTE Data, USHORT Flags, PULONG RecordNumber, PULONG TimeWritten)
Definition: rpc.c:724
LONG NTSTATUS
Definition: precomp.h:26
BOOLEAN NTAPI RtlFreeHeap(IN PVOID HeapHandle, IN ULONG Flags, IN PVOID HeapBase)
Definition: heap.c:606
#define HandleToUlong(h)
Definition: basetsd.h:79
BOOL WINAPI GetEventLogInformation(IN HANDLE hEventLog, IN DWORD dwInfoLevel, OUT LPVOID lpBuffer, IN DWORD cbBufSize, OUT LPDWORD pcbBytesNeeded)
Definition: eventlog.c:501
NTSTATUS WINAPI ElfrOpenBELW(EVENTLOG_HANDLE_W UNCServerName, PRPC_UNICODE_STRING BackupFileName, ULONG MajorVersion, ULONG MinorVersion, PIELF_HANDLE LogHandle)
Definition: rpc.c:506
#define ARRAYSIZE(array)
Definition: filtermapper.c:47
#define ERROR_NOT_ENOUGH_MEMORY
Definition: dderror.h:7
BOOL WINAPI ReadEventLogW(IN HANDLE hEventLog, IN DWORD dwReadFlags, IN DWORD dwRecordOffset, OUT LPVOID lpBuffer, IN DWORD nNumberOfBytesToRead, OUT DWORD *pnBytesRead, OUT DWORD *pnMinNumberOfBytesNeeded)
Definition: eventlog.c:1154
NTSTATUS WINAPI ElfrDeregisterEventSource(PIELF_HANDLE LogHandle)
Definition: rpc.c:343
NTSTATUS WINAPI ElfrClearELFW(IELF_HANDLE LogHandle, PRPC_UNICODE_STRING BackupFileName)
Definition: rpc.c:289
BOOL WINAPI ReportEventA(IN HANDLE hEventLog, IN WORD wType, IN WORD wCategory, IN DWORD dwEventID, IN PSID lpUserSid, IN WORD wNumStrings, IN DWORD dwDataSize, IN LPCSTR *lpStrings, IN LPVOID lpRawData)
Definition: eventlog.c:1377
BOOL WINAPI GetComputerNameW(LPWSTR lpBuffer, LPDWORD lpnSize)
Definition: compname.c:440
unsigned short * RPC_WSTR
Definition: rpcdce.h:46
HANDLE UniqueProcess
Definition: compat.h:474
NTSTATUS NTAPI ElfNumberOfRecords(IN HANDLE hEventLog, OUT PULONG NumberOfRecords)
Definition: eventlog.c:548
RPC_STATUS WINAPI RpcStringFreeA(RPC_CSTR *String)
Definition: rpcrt4_main.c:161
RPC_STATUS WINAPI RpcStringBindingComposeW(RPC_WSTR ObjUuid, RPC_WSTR Protseq, RPC_WSTR NetworkAddr, RPC_WSTR Endpoint, RPC_WSTR Options, RPC_WSTR *StringBinding)
Definition: rpc_binding.c:511
static HANDLE hEvent
Definition: comm.c:54
NTSTATUS WINAPI ElfrOpenBELA(EVENTLOG_HANDLE_A UNCServerName, PRPC_STRING BackupFileName, ULONG MajorVersion, ULONG MinorVersion, PIELF_HANDLE LogHandle)
Definition: rpc.c:897
#define EVENTLOG_BACKWARDS_READ
Definition: winnt_old.h:2627
NTSYSAPI VOID NTAPI RtlInitAnsiString(PANSI_STRING DestinationString, PCSZ SourceString)
NTSTATUS WINAPI ElfrBackupELFW(IELF_HANDLE LogHandle, PRPC_UNICODE_STRING BackupFileName)
Definition: rpc.c:313
NTSTATUS NTAPI ElfOpenBackupEventLogW(IN PUNICODE_STRING UNCServerNameU, IN PUNICODE_STRING BackupFileNameU, OUT PHANDLE phEventLog)
Definition: eventlog.c:797
NTSTATUS NTAPI ElfRegisterEventSourceW(IN PUNICODE_STRING UNCServerNameU, IN PUNICODE_STRING SourceNameU, OUT PHANDLE phEventLog)
Definition: eventlog.c:1261
long RPC_STATUS
Definition: rpc.h:52
_Must_inspect_result_ _In_ ULONG Flags
Definition: wsk.h:170
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
BOOL WINAPI ClearEventLogA(IN HANDLE hEventLog, IN LPCSTR lpBackupFileName)
Definition: eventlog.c:305
NTSTATUS NTAPI ElfReportEventAndSourceW(IN HANDLE hEventLog, IN ULONG Time, IN PUNICODE_STRING ComputerName, IN USHORT EventType, IN USHORT EventCategory, IN ULONG EventID, IN PSID UserSID, IN PUNICODE_STRING SourceName, IN USHORT NumStrings, IN ULONG DataSize, IN PUNICODE_STRING *Strings, IN PVOID Data, IN USHORT Flags, IN OUT PULONG RecordNumber, IN OUT PULONG TimeWritten)
Definition: eventlog.c:1586
unsigned char * LPBYTE
Definition: typedefs.h:52
NTSTATUS(* NTAPI)(IN PFILE_FULL_EA_INFORMATION EaBuffer, IN ULONG EaLength, OUT PULONG ErrorOffset)
Definition: IoEaTest.cpp:117
BOOL WINAPI GetOldestEventLogRecord(IN HANDLE hEventLog, OUT PDWORD OldestRecord)
Definition: eventlog.c:619
unsigned int BOOL
Definition: ntddk_ex.h:94
_In_ NDIS_STATUS _In_ ULONG _In_ USHORT NumStrings
Definition: ndis.h:4751
NTSTATUS WINAPI ElfrCloseEL(PIELF_HANDLE LogHandle)
Definition: rpc.c:333
static RPC_STRING EmptyStringA
Definition: eventlog.c:34
#define debugstr_w
Definition: kernel32.h:32
static TAGREF LPCWSTR LPDWORD LPVOID lpBuffer
Definition: db.cpp:173
NTSTATUS WINAPI ElfrRegisterEventSourceW(EVENTLOG_HANDLE_W UNCServerName, PRPC_UNICODE_STRING ModuleName, PRPC_UNICODE_STRING RegModuleName, ULONG MajorVersion, ULONG MinorVersion, PIELF_HANDLE LogHandle)
Definition: rpc.c:474
#define RpcTryExcept
Definition: rpc.h:126
unsigned char * RPC_CSTR
Definition: rpcdce.h:45
handle_t __RPC_USER EVENTLOG_HANDLE_W_bind(EVENTLOG_HANDLE_W UNCServerName)
Definition: eventlog.c:95
#define EXCEPTION_EXECUTE_HANDLER
Definition: excpt.h:85
HANDLE WINAPI OpenBackupEventLogW(IN LPCWSTR lpUNCServerName, IN LPCWSTR lpFileName)
Definition: eventlog.c:830
WINE_DEFAULT_DEBUG_CHANNEL(advapi)
NTSTATUS WINAPI ElfrOpenELA(EVENTLOG_HANDLE_A UNCServerName, PRPC_STRING ModuleName, PRPC_STRING RegModuleName, ULONG MajorVersion, ULONG MinorVersion, PIELF_HANDLE LogHandle)
Definition: rpc.c:812
NTSTATUS NTAPI ElfFlushEventLog(IN HANDLE hEventLog)
Definition: eventlog.c:1633
NTSTATUS WINAPI ElfrChangeNotify(IELF_HANDLE LogHandle, RPC_CLIENT_ID ClientId, ULONG Event)
Definition: rpc.c:433
smooth NULL
Definition: ftsmooth.c:416
NTSTATUS NTAPI ElfOpenBackupEventLogA(IN PANSI_STRING UNCServerNameA, IN PANSI_STRING BackupFileNameA, OUT PHANDLE phEventLog)
Definition: eventlog.c:693
BOOL WINAPI BackupEventLogA(IN HANDLE hEventLog, IN LPCSTR lpBackupFileName)
Definition: eventlog.c:177
Definition: bufpool.h:45
const char * LPCSTR
Definition: xmlstorage.h:183
NTSTATUS NTAPI ElfChangeNotify(IN HANDLE hEventLog, IN HANDLE hEvent)
Definition: eventlog.c:646
#define __RPC_USER
Definition: rpc.h:65
NTSTATUS NTAPI ElfReadEventLogA(IN HANDLE hEventLog, IN ULONG ReadFlags, IN ULONG RecordOffset, OUT LPVOID Buffer, IN ULONG NumberOfBytesToRead, OUT PULONG NumberOfBytesRead, OUT PULONG MinNumberOfBytesNeeded)
Definition: eventlog.c:1013
#define RpcExceptionCode()
Definition: rpc.h:132
#define TRACE(s)
Definition: solgame.cpp:4
_Out_ PCLIENT_ID ClientId
Definition: kefuncs.h:1176
#define GetProcessHeap()
Definition: compat.h:395
PVOID WINAPI HeapAlloc(HANDLE, DWORD, SIZE_T)
RPC_STATUS WINAPI RpcBindingFromStringBindingA(RPC_CSTR StringBinding, RPC_BINDING_HANDLE *Binding)
Definition: rpc_binding.c:837
NTSTATUS NTAPI ElfOldestRecord(IN HANDLE hEventLog, OUT PULONG OldestRecordNumber)
Definition: eventlog.c:597
__wchar_t WCHAR
Definition: xmlstorage.h:180
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:32
NTSTATUS NTAPI ElfDeregisterEventSource(IN HANDLE hEventLog)
Definition: eventlog.c:455
NTSTATUS WINAPI ElfrOpenELW(EVENTLOG_HANDLE_W UNCServerName, PRPC_UNICODE_STRING ModuleName, PRPC_UNICODE_STRING RegModuleName, ULONG MajorVersion, ULONG MinorVersion, PIELF_HANDLE LogHandle)
Definition: rpc.c:446
void __RPC_USER EVENTLOG_HANDLE_W_unbind(EVENTLOG_HANDLE_W UNCServerName, handle_t hBinding)
Definition: eventlog.c:134
#define EVENTLOG_SEQUENTIAL_READ
Definition: winnt_old.h:2624
BOOL WINAPI NotifyChangeEventLog(IN HANDLE hEventLog, IN HANDLE hEvent)
Definition: eventlog.c:670
#define WINAPI
Definition: msvc.h:8
unsigned short WORD
Definition: ntddk_ex.h:93
unsigned long DWORD
Definition: ntddk_ex.h:95
_In_ DWORD _In_ DWORD cbBufSize
Definition: winsvc.h:424
NTSYSAPI VOID NTAPI RtlFreeUnicodeString(PUNICODE_STRING UnicodeString)
#define SetLastError(x)
Definition: compat.h:409
static const WCHAR Strings[]
Definition: reg.c:35
HANDLE UniqueThread
Definition: compat.h:475
BOOL WINAPI GetNumberOfEventLogRecords(IN HANDLE hEventLog, OUT PDWORD NumberOfRecords)
Definition: eventlog.c:570
static const WCHAR L[]
Definition: oid.c:1250
#define EVENTLOG_FULL_INFO
Definition: winbase.h:1107
BOOL WINAPI CloseEventLog(IN HANDLE hEventLog)
Definition: eventlog.c:427
BOOL WINAPI ReadEventLogA(IN HANDLE hEventLog, IN DWORD dwReadFlags, IN DWORD dwRecordOffset, OUT LPVOID lpBuffer, IN DWORD nNumberOfBytesToRead, OUT DWORD *pnBytesRead, OUT DWORD *pnMinNumberOfBytesNeeded)
Definition: eventlog.c:1061
NTSTATUS NTAPI ElfBackupEventLogFileW(IN HANDLE hEventLog, IN PUNICODE_STRING BackupFileNameU)
Definition: eventlog.c:222
PVOID *typedef PHANDLE
Definition: ntsecpkg.h:414
NTSTATUS NTAPI ElfRegisterEventSourceA(IN PANSI_STRING UNCServerNameA, IN PANSI_STRING SourceNameA, OUT PHANDLE phEventLog)
Definition: eventlog.c:1190
BOOL WINAPI ReportEventW(IN HANDLE hEventLog, IN WORD wType, IN WORD wCategory, IN DWORD dwEventID, IN PSID lpUserSid, IN WORD wNumStrings, IN DWORD dwDataSize, IN LPCWSTR *lpStrings, IN LPVOID lpRawData)
Definition: eventlog.c:1516
_In_ DWORD dwInfoLevel
Definition: winsvc.h:422
#define EVENTLOG_SEEK_READ
Definition: winnt_old.h:2625
Status
Definition: gdiplustypes.h:24
NTSYSAPI ULONG WINAPI RtlNtStatusToDosError(NTSTATUS)
#define ERR(fmt,...)
Definition: debug.h:109
#define MAX_COMPUTERNAME_LENGTH
Definition: winbase.h:240
struct _FileName FileName
Definition: fatprocs.h:884
FORCEINLINE struct _TEB * NtCurrentTeb(VOID)
Definition: psfuncs.h:420
unsigned short USHORT
Definition: pedump.c:61
static RPC_UNICODE_STRING EmptyStringU
Definition: eventlog.c:33
BOOL WINAPI ClearEventLogW(IN HANDLE hEventLog, IN LPCWSTR lpBackupFileName)
Definition: eventlog.c:367
NTSYSAPI NTSTATUS NTAPI RtlAnsiStringToUnicodeString(PUNICODE_STRING DestinationString, PANSI_STRING SourceString, BOOLEAN AllocateDestinationString)
NTSTATUS WINAPI ElfrReadELA(IELF_HANDLE LogHandle, ULONG ReadFlags, ULONG RecordOffset, RULONG NumberOfBytesToRead, PBYTE Buffer, PULONG NumberOfBytesRead, PULONG MinNumberOfBytesNeeded)
Definition: rpc.c:940
signed char * PSTR
Definition: retypes.h:7
unsigned int * PULONG
Definition: retypes.h:1
NTSTATUS NTAPI ElfReportEventA(IN HANDLE hEventLog, IN USHORT EventType, IN USHORT EventCategory, IN ULONG EventID, IN PSID UserSID, IN USHORT NumStrings, IN ULONG DataSize, IN PANSI_STRING *Strings, IN PVOID Data, IN USHORT Flags, IN OUT PULONG RecordNumber, IN OUT PULONG TimeWritten)
Definition: eventlog.c:1323
BOOL WINAPI DeregisterEventSource(IN HANDLE hEventLog)
Definition: eventlog.c:473
#define EVENTLOG_FORWARDS_READ
Definition: winnt_old.h:2626
WCHAR SourceName[256]
Definition: arping.c:28
NTSTATUS NTAPI ElfOpenEventLogW(IN PUNICODE_STRING UNCServerNameU, IN PUNICODE_STRING SourceNameU, OUT PHANDLE phEventLog)
Definition: eventlog.c:951
NTSTATUS WINAPI ElfrFlushEL(IELF_HANDLE LogHandle)
Definition: rpc.c:1196
HANDLE WINAPI OpenEventLogA(IN LPCSTR lpUNCServerName, IN LPCSTR lpSourceName)
Definition: eventlog.c:919
#define HEAP_ZERO_MEMORY
Definition: compat.h:123
DWORD * PDWORD
Definition: pedump.c:68
NTSTATUS WINAPI ElfrReportEventA(IELF_HANDLE LogHandle, ULONG Time, USHORT EventType, USHORT EventCategory, ULONG EventID, USHORT NumStrings, ULONG DataSize, PRPC_STRING ComputerName, PRPC_SID UserSID, PRPC_STRING Strings[], PBYTE Data, USHORT Flags, PULONG RecordNumber, PULONG TimeWritten)
Definition: rpc.c:992
NTSTATUS NTAPI ElfOpenEventLogA(IN PANSI_STRING UNCServerNameA, IN PANSI_STRING SourceNameA, OUT PHANDLE phEventLog)
Definition: eventlog.c:885
NTSTATUS WINAPI ElfrRegisterEventSourceA(EVENTLOG_HANDLE_A UNCServerName, PRPC_STRING ModuleName, PRPC_STRING RegModuleName, ULONG MajorVersion, ULONG MinorVersion, PIELF_HANDLE LogHandle)
Definition: rpc.c:849
#define OUT
Definition: typedefs.h:39
uint32_t * LPDWORD
Definition: typedefs.h:57
unsigned int ULONG
Definition: retypes.h:1
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
NTSTATUS NTAPI NtQuerySystemTime(OUT PLARGE_INTEGER SystemTime)
Definition: time.c:417
_In_ ACCESS_MASK _In_opt_ POBJECT_ATTRIBUTES _In_ EVENT_TYPE EventType
Definition: exfuncs.h:165
HANDLE WINAPI OpenBackupEventLogA(IN LPCSTR lpUNCServerName, IN LPCSTR lpFileName)
Definition: eventlog.c:725
NTSTATUS NTAPI ElfClearEventLogFileW(IN HANDLE hEventLog, IN PUNICODE_STRING BackupFileNameU)
Definition: eventlog.c:347
#define ERROR_INVALID_LEVEL
Definition: winerror.h:196
_In_ UINT _Out_ PNDIS_HANDLE LogHandle
Definition: ndis.h:5381
NTSTATUS WINAPI ElfrNumberOfRecords(IELF_HANDLE LogHandle, PULONG NumberOfRecords)
Definition: rpc.c:353
HANDLE WINAPI RegisterEventSourceW(IN LPCWSTR lpUNCServerName, IN LPCWSTR lpSourceName)
Definition: eventlog.c:1295
static SERVICE_STATUS status
Definition: service.c:31
static const CHAR FileNameA[]
LPSTR EVENTLOG_HANDLE_A
Definition: eventlogrpc.idl:25
BYTE * PBYTE
Definition: pedump.c:66
HANDLE WINAPI RegisterEventSourceA(IN LPCSTR lpUNCServerName, IN LPCSTR lpSourceName)
Definition: eventlog.c:1224
#define HeapFree(x, y, z)
Definition: compat.h:394
_In_ NDIS_STATUS _In_ ULONG _In_ USHORT _In_opt_ PVOID _In_ ULONG DataSize
Definition: ndis.h:4751
PSDBQUERYRESULT_VISTA PVOID DWORD * dwSize
Definition: env.c:54
static PLARGE_INTEGER Time
Definition: time.c:105
handle_t __RPC_USER EVENTLOG_HANDLE_A_bind(EVENTLOG_HANDLE_A UNCServerName)
Definition: eventlog.c:40
NTSTATUS WINAPI ElfrReportEventAndSourceW(IELF_HANDLE LogHandle, ULONG Time, USHORT EventType, USHORT EventCategory, ULONG EventID, PRPC_UNICODE_STRING SourceName, USHORT NumStrings, ULONG DataSize, PRPC_UNICODE_STRING ComputerName, PRPC_SID UserSID, PRPC_UNICODE_STRING Strings[], PBYTE Data, USHORT Flags, PULONG RecordNumber, PULONG TimeWritten)
Definition: rpc.c:1224
NTSYSAPI BOOLEAN NTAPI RtlDosPathNameToNtPathName_U(_In_opt_z_ PCWSTR DosPathName, _Out_ PUNICODE_STRING NtPathName, _Out_opt_ PCWSTR *NtFileNamePart, _Out_opt_ PRTL_RELATIVE_NAME_U DirectoryInfo)
_In_ LPCSTR lpFileName
Definition: winbase.h:3011
#define RPC_S_OK
Definition: rpcnterr.h:22
NTSTATUS NTAPI ElfBackupEventLogFileA(IN HANDLE hEventLog, IN PANSI_STRING BackupFileNameA)
Definition: eventlog.c:154
#define RpcExcept(expr)
Definition: rpc.h:127
NTSTATUS WINAPI ElfrOldestRecord(IELF_HANDLE LogHandle, PULONG OldestRecordNumber)
Definition: rpc.c:402
LONG WINAPI I_RpcMapWin32Status(RPC_STATUS status)
Definition: rpcrt4_main.c:741
Definition: ps.c:97